Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Ruby OpenSSL RSA sign leak
require 'openssl'
require 'base64'
PKEY =<<-EOS
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA6Q/xPIBPqiPawrdEO3WCRMTaKrnu29ulFDoFbjbMRhgT1aWG
vOIVP6vFfxCN0zJKuQFhxuxRAlM1mNcM38wc7m0P+6qvrEsI2SOGbUh/ozZnRuPP
hLm0tnBySmaLVVgktW8cQ0smILeL2u+n2ZyNs5F1G8VSNyGTdRsoyYs8I9Bi04Dy
2iS0g5a0ZuKGtbP/fn1/Z1gNV3aLjFKkYj7Dwyc67RTkRpcsW4MXrl7LUmV9YDNB
S/ro7YvhlwxeVZ8u54gB3Gz9g1os+YZ6ZMiQo8jgFXJP7gbJgyXHxh7mVzUmUrbU
S3TCohaIgHz/m++Unzr6l+d8FFpeHlLaDsvtuwIDAQABAoIBACSiyusVyHAYXsUJ
BgLKwAWLZDgfLjsFVffN/xiKKKZEFqoY8Qs0Bt8RY2RL999hInnei743W6yf4+b4
tx9e+JVKM579/8t3qBZqDTGUmevQG3/7Q527i3q6Rl0HrZNm3a5fnvO9FmtCLwvl
bF86ytOVY/FPnVLpRkK8WDcGWhfO1zoN7mbT/nxBMOY6Dcan7i8XKoFRY0fc7Mf2
UaMJ+jbtpo0VO3YmJ6gRS9D+vZUdOXqSTtKm8a3WFA9iQDBGkKL0Qf5Y94CmI8om
1plB+RHJlm128Ay5DI9UvgME47FcPmF+AJyLFcACsFA/oCV2kv57ravoulKh8Z8R
DXoqQ2ECgYEA/8MmF0/8hrkx74U/aiFKCkc4LFM7ITztzH1pKENs1S6uaOvUkL1J
ke4DrjKU364QUdNppXWj2NN0sjvczNj3R+77FLRyRivGen4HPK3d8YgP2kvLSDvu
XkEIICXroSJbkKkiBNSFDlAP5D9GXwujz/878mjh1NlKqFGD6MW4VykCgYEA6Udk
iZ3grc8sO4cPzbCNBkl6ELffxwv3m+Yhp5+AJVNrUKttJDBAfM0xyPLBKLnIW50x
i2mnawgnvMNyX9/JbSueclWtvGvDfy+KjccBOfoCq9sc1DdC+q4t0sVA3sU6NMF6
HpJtb48x0nOcGllcTnbHajNWAsrVjlBYWNP97kMCgYB3oBIn4zyM0wAdNKilfi6A
QjFu4fsNH89lzt6pe2fjCjN/VZaVoENR4w6LopLpUCPH8ec/AZgCKV0ypDcxBOYc
GhYL6B5u3bi2wE2oPvZJK0em5b6N6aIjKa2gQ7xDIKvNLJ6BvdkCCcZ1DndeqzYS
aiHiztWZ1YxKz92vuRLwiQKBgQCa1pRY873qIBUP/fnzYTh579NhvWp/R+Y2SG4W
QLxiChi1FtP+rThgniJpaxfi3E2s4Y29J4fEd0lI9cG4+WVNXSJyaYRECJNenEOv
D2Q1A0k6oNll0rhWg75OpDcGpoqX8cQI/tA8uCMtuSboJmAqhJSgXSq997wAFjxN
2Yg22QKBgQCxu349Bojo7KPyShfDa6/INhHEVKb2bhxE7/ORsVWvEDvzjSsTfMa5
lSk5kvp5/rDc3QVlr+0VOtszFrnIqTqXHpF7XJzxVPyalkSaZpWBrJ1MR7XEslHJ
u8qhJIw5rhpfgZjk0JgLD3p8tzwiCtoM2KSmJVf21rRYtnQs7NRFOQ==
-----END RSA PRIVATE KEY-----
EOS
def run(iter=10_000)
pkey = OpenSSL::PKey::RSA.new(PKEY)
iter.times do |x|
print '.' if x % 10000 == 0
pkey.sign(OpenSSL::Digest::SHA1.new, 'policy')
end
end
def report
puts GC.stat
puts 'Memory ' + `ps ax -o pid,rss | grep -E "^[[:space:]]*#{$$}"`
.strip.split.map(&:to_i)[1].to_s + 'KB'
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.